US accuses Russian of helping Kremlin hack Ukraine’s state computer systems


A 22-year-old Russian national is facing charges in the U.S. for allegedly helping Moscow’s military intelligence to hack into Ukraine’s computer systems prior to Russia’s invasion, and later targeting Kyiv’s allies, including the U.S.

According to the Department of Justice, Russian citizen Amin Stigal used malware known as WhisperGate to help Russia’s military intelligence, the GRU, to attack and destroy dozens of Ukrainian government entities’ computer systems in advance of the Russian invasion in 2022. Stigal remains at large. 

WhisperGate is a wiper masquerading as ransomware, which has some similarities to the NotPetya wiper that attacked Ukrainian businesses in 2017. WhisperGate was used by Russia-linked hackers to hit multiple Ukrainian government computers and websites in January 2022. 

“WhisperGate was actually a cyberweapon designed to completely destroy the target computer and related data,” an indictment said.

During the attack on Ukrainian targets, hackers compromised several of the targeted Ukrainian computer systems, exfiltrated sensitive data, including patient health records, and defaced the websites. They also offered the hacked data for sale on the internet.

“The effort was aimed at sowing concern among the broader Ukrainian population regarding the safety of government systems and data,” the Justice Department said. 

The same hackers were also allegedly responsible for an attack on “the transportation infrastructure of a Central European country that was supporting Ukraine.” They also probed computers belonging to a federal government agency in Maryland, according to the indictment.

If convicted, Stigal could face a maximum penalty of five years in prison.

“The Justice Department will continue to stand with Ukraine on every front in its fight against Russia’s war of aggression, including by holding accountable those who support Russia’s malicious cyber activity,” said U.S. Attorney General Merrick B. Garland.

News BriefsGovernmentNation-stateNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Suspected Chinese gov’t hackers used ransomware as cover in attacks on Brazil presidency, Indian health org

Next Post

EU blames ‘clerical error’ after misattributing hacks to wrong Russian spy agency

Related Posts